Skip to main content

Patient Portal

5 CVEs product

Monthly

CVE-2022-1067 MEDIUM This Month

Navigating to a specific URL with a patient ID number will result in the server generating a PDF of a lab report without authentication and rate limiting. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Patient Portal
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2017-5599 MEDIUM This Month

An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Patient Portal
NVD GitHub VulDB
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-5598 HIGH POC This Week

An issue was discovered in eClinicalWorks healow@work 8.0 build 8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Patient Portal
NVD GitHub VulDB
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-5570 HIGH This Week

An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Patient Portal
NVD GitHub VulDB
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-5569 CRITICAL Act Now

An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Patient Portal
NVD GitHub VulDB
CVSS 3.0
9.8
EPSS
1.4%
EPSS 1% CVSS 6.5
MEDIUM This Month

Navigating to a specific URL with a patient ID number will result in the server generating a PDF of a lab report without authentication and rate limiting. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Patient Portal
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Patient Portal
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH POC This Week

An issue was discovered in eClinicalWorks healow@work 8.0 build 8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Patient Portal
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH This Week

An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Patient Portal
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Patient Portal
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy